Advisor doesn't work with proxy keys and ANTHROPIC_BASE_URL
Description
When using Claude Code with a proxy/gateway endpoint configured via ANTHROPIC_BASE_URL and authenticating with an OAuth token (ANTHROPIC_AUTH_TOKEN), the advisor feature (agentic security review) fails.
Root Cause
The agentic_review() function spawns a child Claude CLI process via the Agent SDK. However, the ANTHROPIC_BASE_URL environment variable is not forwarded to the child process, causing it to default to https://api.anthropic.com instead of the configured proxy endpoint.
When the child CLI tries to authenticate with the OAuth token against the default Anthropic API (instead of the proxy), it fails with authentication errors.
Configuration That Fails
export ANTHROPIC_AUTH_TOKEN="proxy_oauth_token"
export ANTHROPIC_BASE_URL="https://proxy.example.com/v1"
# advisor feature doesn't work ❌
Configuration That Works
export ANTHROPIC_API_KEY="sk-..."
export ANTHROPIC_BASE_URL="https://proxy.example.com/v1"
# advisor works because ANTHROPIC_AUTH_TOKEN is blanked and API key is used
Affected Users
- Anyone using LiteLLM, Bifrost, or self-hosted Anthropic-compatible proxies
- Users on Bedrock/Vertex/Foundry with proxy layers
- Any organization routing Claude API calls through a gateway
Solution
Forward ANTHROPIC_BASE_URL to the child CLI process in _agentic_spawn_env():
# Forward ANTHROPIC_BASE_URL to support proxy/gateway endpoints.
if os.environ.get("ANTHROPIC_BASE_URL"):
env["ANTHROPIC_BASE_URL"] = os.environ["ANTHROPIC_BASE_URL"]
File Affected
plugins/security-guidance/hooks/llm.py-_agentic_spawn_env()function
Related
- Claude Code uses ANTHROPIC_BASE_URL correctly in single-shot review
- Agent SDK respects ANTHROPIC_BASE_URL when provided
- The issue only manifests in agentic_review path due to missing env var forwarding
This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗